What is RHSA-2018:1809?

RHSA-2018:1809 is a security advisory published by Red Hat Product Security with High severity. Red Hat Security Advisory: Red Hat OpenShift Application Runtimes Spring Boot security and bug fix update

Which CVE IDs does RHSA-2018:1809 cover?

RHSA-2018:1809 covers the following CVE IDs: CVE-2018-1257, CVE-2018-1259, CVE-2018-1260. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of RHSA-2018:1809?

RHSA-2018:1809 has a CVSS v3 base score of 7.3, published by Red Hat Product Security.

RHSA-2018:1809HighCVSS 7.3

Red Hat Security Advisory: Red Hat OpenShift Application Runtimes Spring Boot security and bug fix update

Vendor

Red Hat Product Security

Published

June 7, 2018

Last Modified

June 15, 2026

🔗 CVE IDs covered (3)

CVE-2018-1257 →CVE-2018-1259 →CVE-2018-1260 →

📋 Description

CVE-2018-1257 — spring-framework: ReDoS Attack with spring-messaging CVE-2018-1259 — spring-data-commons: XXE with Spring Data’s XMLBeam integration CVE-2018-1260 — spring-security-oauth: remote code execution in the authorization process

🔗 References (8)

selfhttps://access.redhat.com/errata/RHSA-2018:1809
externalhttps://access.redhat.com/security/updates/classification/#important
externalhttps://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=catRhoar.spring.boot&downloadType=distributions&version=1.5.13
externalhttps://access.redhat.com/documentation/en-us/red_hat_openshift_application_runtimes/1/html-single/red_hat_openshift_application_runtimes_release_notes/
externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1578578
externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1578902
externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1584376
selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_1809.json